About Securing the SIMULIA Execution Engine Station File System

For a secure SIMULIA Execution Engine operating environment, it is important to consider the local file system of the SIMULIA Execution Engine station computer.

This file system is, in general, available to any SIMULIA Execution Engine job that runs on the station. The SIMULIA Execution Engine job can attempt to read or write any part of the file system, including network attached drives.

It is important, therefore, to properly secure the local file system against inadvertent or malicious use by a SIMULIA Execution Engine job. SIMULIA Execution Engine stations using the Run-As feature behave differently (from a file system security point of view) than stations running without this feature enabled.

About File System Security Without Run-As

Without the station Run-As feature, the SIMULIA Execution Engine station runs as a single process with the security identity of the user that starts the process. The station, therefore, has access to exactly the same set of files as the user that starts it.

If that user has complete access to the entire file system, all users that run jobs on that station also have access to that computer’s entire file system. SIMULIA Execution Engine jobs on such a system can read or write any file including operating system files or private user data.

The first step in securing the file system in this environment is to use a dedicated, restricted user name to run the SIMULIA Execution Engine station process. The restricted user name should be given access only to the parts of the file system needed for proper operation of the station and jobs that run there. In general, this setup requires read access to basic operating system files, read access to the SIMULIA Execution Engine installation directories, and read/write access to the SIMULIA Execution Engine station temporary directory. The temporary directory can be specified in the station.properties file, which is located at the top level of the SIMULIA Execution Engine or station installation directory. In general, it is best to specify a custom location for the temporary directory rather than using the default location, which is the user’s temporary directory.

The station will keep all work-in-progress files in the temporary directory. To prevent access to these files, that directory should be restricted such that only the dedicated station user name has read/write access to it. All other users should have no access to this directory. This arrangement will prevent anyone from logging on to the station computer and having access to work-in-progress files.

In this environment it is impossible to prevent a SIMULIA Execution Engine job from accessing another user’s unrelated work-in-progress files. All work-in-progress files are created by the same dedicated user name, so all of them are accessible from any other SIMULIA Execution Engine job. However, it would require some explicit effort for a SIMULIA Execution Engine job to access unrelated work-in-progress files, because they are kept in separate subdirectories. The station Run-As security feature must be used to prevent this type of file access.
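The layout described in this section can be checked with a short audit. The following is an added example, not part of the SIMULIA documentation: it assumes a POSIX station host, takes the temporary and installation directory paths from the caller, and uses hypothetical function names (audit_temp_dir, audit_install_dir).

```python
import os
import stat
import tempfile

def audit_temp_dir(path, station_uid):
    """Findings for the station temporary directory (station without Run-As)."""
    st = os.lstat(path)  # lstat: do not follow a symlink planted at this path
    if not stat.S_ISDIR(st.st_mode):
        return [f"{path}: not a real directory"]
    findings = []
    if st.st_uid != station_uid:
        findings.append(f"{path}: owned by uid {st.st_uid}, expected {station_uid}")
    perms = stat.S_IMODE(st.st_mode)
    if perms & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"{path}: mode {perms:04o} lets other users in")
    if (perms & stat.S_IRWXU) != stat.S_IRWXU:
        findings.append(f"{path}: mode {perms:04o} denies the station user rwx")
    return findings

def audit_install_dir(path, station_uid):
    """Findings for installation files the station user could modify."""
    findings = []
    for root, _dirs, files in os.walk(path):
        for entry in [root] + [os.path.join(root, name) for name in files]:
            st = os.lstat(entry)
            if stat.S_ISLNK(st.st_mode):
                continue  # a link's own mode bits carry no meaning
            perms = stat.S_IMODE(st.st_mode)
            # Group write is not evaluated: it depends on group membership.
            owner_write = st.st_uid == station_uid and (perms & stat.S_IWUSR)
            if owner_write or (perms & stat.S_IWOTH):
                findings.append(f"{entry}: mode {perms:04o} is writable by the station user")
    return findings

if __name__ == "__main__":
    # Constructed sample layout; real paths come from the station's own setup.
    uid = os.getuid()
    temp_dir = tempfile.mkdtemp(prefix="station-tmp-")
    install_dir = tempfile.mkdtemp(prefix="station-install-")
    os.chmod(temp_dir, 0o755)     # weak: readable by every local user
    os.chmod(install_dir, 0o755)  # weak: station user owns it and can write
    for line in audit_temp_dir(temp_dir, uid) + audit_install_dir(install_dir, uid):
        print("WEAK  ", line)
    os.chmod(temp_dir, 0o700)     # corrected: dedicated station user only
    os.chmod(install_dir, 0o555)  # corrected: read and traverse, no write
    print("after fix:", audit_temp_dir(temp_dir, uid) + audit_install_dir(install_dir, uid))
```

The audit reads mode bits only; POSIX ACLs and access granted through group membership need a separate check.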

About File System Security With Run-As

When the station Run-As feature is enabled, each user’s work is executed in that user’s security context. Access to files on the SIMULIA Execution Engine station computer will be dictated by the file system permission of the user who submitted the job.

In general, the system running the station must be configured to allow read access for all users to parts of the file system needed to run the station, which includes the basic operating system files and the SIMULIA Execution Engine installation directory. The administrator can choose to make these directories readable for all users or only for those users that will be running SIMULIA Execution Engine jobs on the station. The SIMULIA Execution Engine installation directory should not be configured with write permission for users running jobs.

The station will keep all work-in-progress files in the temporary directory. Within that directory, each substation (user) will create a subdirectory with permissions that allow access only by the submitting user. This prevents one user’s job from accessing work-in-progress files from another user’s job.

The station should be configured with an explicit temporary directory by specifying a directory name in the station.properties file (located at the top level of the SIMULIA Execution Engine or station installation directory). On Windows, this directory should be configured with the following permissions for all users that will run jobs on the station:

  • read

  • write

  • execute

  • create folders

  • create files

Note: You can grant all the necessary permissions using the Modify option available from the Security tab on the directory’s Properties dialog box. For more information, contact your local system administrator.

All other users should have no access to this directory to prevent casual users logged on to the system from accessing work-in-progress files. If the system is physically secure or there is no threat from logged on users, these permissions can be granted to all users.